Exchange 2007 LDAP Search Time errors

Posted on 2010-01-08
Medium Priority
Last Modified: 2013-12-24
We have always noticed the following error in MOM - indicating an LDAP Search Time Critical Error on our HUB/CAS Servers...  the MS range is anywhere from 111ms up to over 400ms... yet if I do a constant PING from both CAS servers... and leave them running all day long, I see no more than 1-2ms response.. and a 1ms total average over a 24 hour period.

Is this just a MOM issue reading these settings incorrectly?  We have another site in Australia, which when I see their alerts, they do see the same LDAP Critical error... yet the expected test results are all the same.

I don't really think there is any negative network performance or system performance based on these errors... but I just want to be proactive and make sure there isn't something I am missing.. or if there is something I can tweak to help prevent these problems from coming up.

Current Setup:

2 x 2008 Enterprise x64 Bit, Exchange 07 CAS/HUB Servers.  1 NLB NIC, 1 Outbound Mail NIC
2 x 2008 Enterprise x64 Bit, Exchange 07 Mailbox Servers (Clustered) 1 Public NIC, 1 Heartbeat NIC

Severity:  Critical Error
Source:  MSExchange ADAccess Domain Controllers:  LDAP Search Time:  server.domain.com
Name:  LDAP Search Time - sustained for 5 minutes - Red(>100msec).
MSExchange ADAccess Domain Controllers:  LDAP Search Time:  server.domain.com value = 114.473333333334

Knowledge base article for this alert:
http://go.microsoft.com/fwlink/?LinkID=67336&id=F6CFD328-F8BC-489F-9419-408B62CFF631. The average over last 5 samples is 114.473.

Time:  12/1/2009 04:31:00
Alert:  http://SERVERNAMEREMOVED:1272/?v=a&id=0F8646FB-5C71-40F2-8684-CCC86E62436C
Question by:MaiMcNulty
1 Comment
LVL 51

Accepted Solution

Keith Alabaster earned 2000 total points
ID: 26268956
Personally I wouldn't get twisted up about it. We have SCOM 2007 and get the same sort of numbers periodically. Of course ping is not the same as ldap queries - whilst a ping is straight send/receive activity at layer 3, an ldap query is effectively at the application layer, requires the responding AD server to perform the test and for the management system to get the responses back. If the AD server that responds to the query is busy then it might not be that surprising.


Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

755 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question